Firefox Update Patches Critical Security Flaws

Mozilla has pushed out a new version of Firefox with fixes for a number of security flaws, two of which were rated as critical. The new version also includes some accessibility improvements.If you’re running Firefox 3, you should download this update now. At the moment, you’ll need to grab it by hand from the Mozilla site.

The update brings Firefox to version 3.0.2 and patches two critical security flaws: a memory corruption bug and a privilege escalation bug, which involved the XPCnativeWrapper component of Firefox. This privilege escalation bug is of particular note, as an attacker could use the exploit to run scripts inside your browser. Users running NoScript, or those surfing with JavaScript turned off aren’t likely to find themselves compromised, but this update contains a good number of fixes, so we’d recommend downloading it anyway. For a complete list of all the bug fixes, see Mozilla’s release notes.